Cybersecurity and AI Interview Prep

Cybersecurity and AI Security Interview Topics

• CIA Triad -- Confidentiality, Integrity, Availability -- the three pillars of all security decisions
• OWASP Top 10 -- Broken Access Control, SQLi/XSS injection, Cryptographic Failures, SSRF top the list
• SQL injection defence -- parameterised queries always; never string concatenation in SQL
• XSS defence -- context-aware output encoding, Content Security Policy, HttpOnly cookies
• JWT vulnerabilities -- alg:none bypass, weak secrets, no revocation; fix: whitelist algorithms, strong secret
• Zero Trust -- verify every request; no perimeter trust; micro-segmentation, least privilege
• Prompt injection -- malicious input overrides LLM instructions; defend with sanitisation and structural separation
• Adversarial ML -- adversarial examples, model extraction, training data poisoning, backdoor attacks
• SSDLC -- security at every phase: threat model, SAST, DAST, secrets scan, container scan in CI/CD
• Incident response -- Prepare, Detect, Contain, Eradicate, Recover, Post-Incident (NIST)
• Differential privacy -- add calibrated noise to protect individual data in ML training
• AI governance -- bias detection (Fairlearn), explainability (SHAP), audit logs, EU AI Act compliance